Confident IT, compliance, security, operations and development leader with 20 years of experience transforming business objectives into actionable initiatives, concepts into quantifiable improvements, and silos into unified business entities. Trusted driver of continual improvement efforts that stem from expertise as a de facto director-level operator, with concomitant responsibility and verified financial, technical and operational successes. Proven abilities in managing through change and exponential growth, and building consensus with key internal stakeholders, vendors and third parties.

Archives for September 2010

Xmarks is currently a free application that I’d pay for. Unfortunately I might never get that opportunity, which boggles me. How can an application that reportedly has 2 million users on 5 million systems, a good product, and apparently strong supporters, not survive in some form or another?

Xmarks (originally Foxmarks) can among other things backup and sync bookmarks across Firefox, Safari, IE, and Chrome, and across multiple platforms. As I write this their website reports they just hit 1,220,022,504 bookmarks backed up, and the counter keeps growing. I like Xmarks because it solves a specific problem I had and does an effective job in my opinion. Admittedly I rarely use the search or web-based backup access, but it does exactly what I need it to do.

Recently Xmarks announced that they will have to close shop, letting their sync services run for another 90+ days, with the plan to pull the plug after that. Their blog posting currently has over 1,500 comments, many of which state something to the effect of, “we’d gladly pay a small fee to use Xmarks.”

Xmarks commented on things they considered for a revenue model, as well as ways they explored what they could do with the data. Ultimately it appears they have no choice, and for some reason paying for the service itself wasn’t listed as an option:

For four years we have offered the synchronization service for no charge, predicated on the hypothesis that a business model would emerge to support the free service. With that investment thesis thwarted, there is no way to pay expenses, primarily salary and hosting costs. Without the resources to keep the service going, we must shut it down.

If 20% of their users paid $5 a year, that’s $2,000,000. My assumption is either the payroll and hosting costs are so high they can’t meet that, that they don’t really have that many potential paying customers, or they don’t want to be in the sync business. Or maybe there’s something else I’m missing. Regardless, here’s hoping something good happens with the code and intellectual property. I could see the solution becoming peer-to-peer or decentralized to address bandwidth issues, or someone like Abine or Evernote acquiring the technology and incorporating it into their offerings.

This is the second part of a two-part review of Abine’s privacy solution. See the previous post, Abine to Protect Privacy for the first part of the review.

Rob Shavell from Abine and I discussed some questions about Abine’s application, the company itself, and the future.

J: In June this year Abine purchased TACO. How did that come about, what was the process like, and was this something that Abine had always considered pursuing?

R: It’s really not about economics: Abine wants to support privacy-enhancing technologies. We’ve always been open to working with other privacy add-ons that do the right things for users. Any add-on or Web service that truly respects users privacy is someone we want to talk to, no matter what. On the other hand, we don’t want to partner with add-ons owned by advertising companies, or developers looking to collect data, for example. If any add-on developers who love privacy read this, please get in touch with us – my email is rob at getabine.comJ: TACO v3 has already received some updates. How does Abine anticipate TACO evolving in the future?

R: TACO is evolving fast and is getting more development time and resources. TACO users have told us over 300 changes they’d like, and we’re busy at work with these. We also support the older TACO 2 versions, BEEF TACO, etc. Of course, we are 100% convinced that TACO 2. alone doesn’t provide an adequate level of online privacy and users should consider combining a few add-ons together or try TACO 3 with Abine to get better privacy online.

J: What are somethings you’ve all learned along the way since starting Abine?

R: Bringing together privacy features into one place is complex. The users and developers giving us critical feedback are our best teachers. We also learned that we must commit to native Firefox development even though we have an IE version as well. Performance is too important – the community let us hear that one pretty loudly.

J: Who is Abine’s target demographic?

R: We want to target the non-technical web user. Anybody who uses the web for anything at all or that has a bundle of important accounts they want to protect and keep private.

J: How do you plan to instill trust in your users?

R: We aren’t asking users to trust us. We’re asking them to trust themselves. By this we mean something very important. We have no access to our users data. This is super important. First, our users “own their data” – of course. But we also do NOT store or see our users private data. This is a key reason why many of our users today store all their passwords in our Privacy Suite and do all their browsing using Abine: they don’t have to make any complicated decisions about who they can trust: it’s simply, factually, technically, more private.

Other key points on trust:

We are very clear about how we are going to make money: by selling services that protect and enhance your privacy, not by selling user data.

You keep your data on your computer, we don’t use the add-on to collect data.

We made the source available for review by Mozilla and others.

J: With regards to instilling trust, I’d agree that you’re not directly asking users to trust Abine. Given the stated target demographic (non-technical users) their basis for trusting the application may be different from say, a security researcher or coder that might review code and sniff traffic. As a result, they may make an evaluation of trustworthiness based on your website, usability, or how Abine communicates with them. There’s the notion that trust is a function of competence plus likability. An example I see of this is people trusting Google based on their performance, actions, and statements rather than their code, or people trusting Mint.com based on good design and the fact that it does what they want it to. For less savvy users, what do you see as challenges in establishing and maintaining a good reputation in order to grow the business?

R: Great points. Regular users of course can’t do technical reviews of applications. They’ll need to trust the technical reviews and press. This is why we make our code available to reviewers who ask for it even though we haven’t open-sourced it yet. It’s really important for people – no matter how technical they are – to have a basis to trust a company with their personal information. A somewhat more unfortunate way users learn about how Abine does what it says is when they lose their Abine Master Password: since we really don’t know it, they have to re-install!

J: You history mentions working on previous startups and security projects. What were some of those efforts?

R: Andrew was at @stake as well as the create of linux-based public access terminals in the Boston are in the mid-to-late 90s. Eugene was the founder of Datapower and the Linux Hardware Database. Rob helped companies comply with data privacy laws and worked on products for consumer identity protection at Identity Force.

J: The Abine website mentions companies “helping people” that were basically slick marketing outfits out to get cash. What are some examples, and what should people look out for?

R: We think consumers should beware of many “identity protection and monitoring services”, “million dollar guarantees” and “free 10 day trials”. As always, when the marketers come visiting, these kinds of terms pop up. In reality, while these subscription services can help you track down problems once and a while after they happen, they do not address the root causes of privacy. If you’re using these kinds of things, come try Abine. It’s free, and free forever (not just for 10 days).

J: What is the relationship between opyaq.com and Abine?

R: Opayq.com is simply the first of several domains we offer for our users to have safe disposable email addresses (similar to say, www.Mailinator.com.)

J: After purchasing TACO, Abine received some mixed feedback from users regarding the upgrade to version 3.

R: Check out the page and the copy on it, it’s as clear as our team could possibly make it:

J: Why is Abine better than other established solutions used for privacy such as LastPass, Tor, RoboForm, or Google Voice?

R: Now Jason, we love your insightful reviews, but we have to take issue with this question! LastPass stores your passwords online (see your trust question) and Google Voice is the opposite of a privacy product, right? Tor does one thing (and well) and is probably a future partner of ours. The time has come for a company to integrate privacy features and make them available to everyday users, with fantastic customer support.

J: Where does the name Abine come from?

R: For privacy… A Bit Is Not Enough

J: What is your revenue model?

R: We are going to make our money selling additional products and services that directly protect and enhance users privacy, for example fast proxy servers, disposable phone numbers, etc. Whatever value-added services people want around privacy will offer as a business. If it costs us money to provide than we will charge, if it doesn’t than we can offer for free.

J: Are there any plans for a version of Abine for Safari, Chrome, or mobile devices?

R: Yes. We’ll be making announcements here in the next few months, for sure. We have a looong waiting list of users that want this on their browser and platform of choice.

J: Does the eventual shift to HTML5 have any impact on Abine or its functionality?

R: We see HTML5 as having only a minor impact on our vision and technology roadmap at this point, though some of the demos out there are pretty impressive.

J: What do you see as upcoming challenges for Abine?

R: Because of recent press and users concerns, we expect a lot of competition. We just want to stay close to the community that cares about their online privacy and to take our direction from them instead of worrying about others.

J: What do you see as some upcoming milestones for Abine in the next 6-12 months?

R: Abine’s got to earn the respect of the privacy and technical community by building a great set of solutions. We’re totally focused on product: performance, simplification, better smoother features, in short, online privacy that works.

* Who is your target demographic?
We want to target the non-technical web user. Anybody who uses the web for anything at all or that has a bundle of important accounts they want to protect and keep private.
* How do you plan to instill trust in your users? We aren’t asking users to trust us. We’re asking them to trust themselves. By this we mean something very important:
We have no access to our users data. This is super important. First, our users “own their data” – of course. But we also do NOT store or see our users private data. This is a key reason why many of our users today store all their passwords in our Privacy Suite and do all their browsing using Abine: they don’t have to make any complicated decisions about who they can trust: it’s simply, factually, technically, more private.
Other key points on trust: 1. We are very clear about how we are going to make money: by selling services that protect and enhance your privacy, not by selling user data. 2. You keep your data on your computer, we don’t use the add-on to collect data. 3. We made the source available for review by Mozilla and others.
* You history mentions working on previous startups and security projects. What were some of those efforts? Andrew was at @stake as well as the create of linux-based public access terminals in the Boston are in the mid-to-late 90s. Eugene was the founder of Datapower and the Linux Hardware Database. Rob helped companies comply with data privacy laws and worked on products for consumer identity protection at Identity Force.
* You site mentions companies “helping people” that were basically slick marketing outfits out to get cash. What are some examples, and what should people look out for? We think consumers should beware of many “identity protection and monitoring services”, “million dollar guarantees” and “free 10 day trials”. As always, when the marketers come visiting, these kinds of terms pop up. In reality, while these subscription services can help you track down problems once and a while after they happen, they do not address the root causes of privacy. If you’re using these kinds of things, come try Abine. It’s free, and free forever (not just for 10 days).
What is the relationship between opyaq and Abine?
opayq.com
simply the first of several domains we offer for our users to have safe disposable email addresses (similar to say, www.Mailinator.com
)
* Why is Abine better than other established solutions used for privacy such as LastPass, Tor, RoboForm, or Google Voice? Now Jason, we love your insightful reviews, but we have to take issue with this question! LastPass stores your passwords online (see your trust question) and Google Voice is the opposite of a privacy product, right? Tor does one thing (and well) and is probably a future partner of ours. The time has come for a company to integrate privacy features and make them available to everyday users, with fantastic customer support.
* Where does the name Abine come from?
For privacy…
A Bit Is Not Enough
* What is your revenue model?
We are going to make our money selling additional products and services that directly protect and enhance users privacy, for example fast proxy servers, disposable phone numbers, etc. Whatever value-added services people want around privacy will offer as a business. If it costs us money to provide than we will charge, if it doesn’t than we can offer for free.

Byline

Jason Owens is currently a Sr Manager for IT Governance, Application Development, and Information Security for CDW's Services Business. He has over 20 years of experience in IT, security, governance, development, and design.

Learn. Teach. Grow.

Researching and writing on various topics helps me to learn about new events and issues. Ideally I'll then be able to pass this along. Topics include Information Security, Project Management, productivity, and business improvements.